The Biden Administration believes China has installed malware on U.S. networks that could affect military operations and other domestic communications, officials told the New York Times, following earlier reports suggesting state-sponsored Chinese hackers had infiltrated American infrastructure networks.
The malware—described by one official as a “ticking time bomb”—is designed to interrupt military operations and would allow China to cut off power, water and communications to U.S. military bases, officials told the Times, though it could also affect homes and businesses across the country.
It is unknown whether the Chinese government is aware of the malware, officials said, and it is not clear how effective the malware would be.
Some members of Congress, state governors and utility companies have been briefed on the malware.
If the malware were used, officials estimated, communications, computer networks and power grids would be restored within days.
Efforts to install malware on U.S. systems started at least a year before Microsoft announced it had detected infrastructure hacking activity in Guam by Chinese hackers in May, officials said.
George Barnes, deputy director of the National Security Agency, said earlier this month that “China is steadfast and determined to penetrate our governments, our companies, our critical infrastructure.”
U.S. Ambassador to China Nicholas Burns’ email account was broken into by Chinese hackers earlier this month, though the Chinese government denied the incident was part of a large-scale attack. Hackers also accessed the email of Commerce Secretary Gina Raimondo. Assistant Secretary of State for East Asian and Pacific Affairs Daniel Kritenbrink also had his emails accessed, a month after the diplomat visited China with Secretary of State Antony Blinken. Blinken questioned Chinese Foreign Minister Wang Yi about the incident, though Yi’s response is unknown, according to CNN.
Relations between the U.S. and China have worsened in recent years, after former President Donald Trump blamed China for the pandemic. The Biden Administration increased sanctions against Chinese officials before tensions flared earlier this year, when a Chinese spy balloon was shot down off the South Carolina Coast. U.S. officials later claimed Guam and Hawaii were the intended targets for the balloon’s surveillance. The Chinese government was accused of infrastructure hacking activity that targeted Guam earlier this month. Microsoft reported with “moderate confidence” the incident was used to further the country’s hacking capability and later target communications infrastructure. The company indicated the hack was carried out by Chinese state-sponsored hacker Volt Typhoon, who has been active since mid-2021. Volt Typhoon has targeted sectors such as communications, utility, government and education, among others. Officials warned the hack on infrastructure organizations in Guam could impact a possible military conflict between Taiwan and China. Wang Wenbin, spokesperson for China’s foreign ministry, previously denied China was at all surveilling the U.S., which he referred to as the “global champion of hacking and superpower of surveillance.”
U.S. Hunting Chinese Malware That Could Disrupt American Military Operations (New York Times)
Microsoft Says China Hackers Targeted ‘Critical’ U.S. Infrastructure In Guam—A Key Military Asset In The Pacific (Forbes)
Chinese Hackers Breached The Email Of A U.S. Ambassador, Reports Say (Forbes)